[27766] in North American Network Operators' Group
Re: Alternative to BGP-4 for multihoming?
daemon@ATHENA.MIT.EDU (Chris Brenton)
Sun Mar 12 13:30:21 2000
Message-ID: <38CBE2D1.686E4B7A@sover.net>
Date: Sun, 12 Mar 2000 13:32:49 -0500
From: Chris Brenton <cbrenton@sover.net>
Reply-To: cbrenton@sover.net
MIME-Version: 1.0
To: "Peter A. van Oene" <vantech@sympatico.ca>
Cc: nanog@merit.edu
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
"Peter A. van Oene" wrote:
>
> Essentially, the 3DNS box assumes the DNS entry for the site for which the
> customer requires multihoming and it intelligently balances traffic amongst
> any geographically disparate sites. This allows for high availability.
If I'm not mistaken, it accomplishes this in a somewhat obtrusive
manner. The box attempts an xfer back to TCP/53 on the querying DNS
server. Based on response time, a proper route is chosen. I've seen a
lot of posts to Intrusion & GIAC from people who assumed someone was
trying enumeration in preparation for an attack, only to find out it was
one of these boxes.
I also seem to remember a post on GIAC showing Snort traces of one of
these boxes actually performing a full xfer if the box was not locked
down. Do you use one of these boxes? If so, any idea what happens to the
xfer data?
Ignoring the argument as to whether it's appropriate to attempt xfers on
unsuspecting networks, I also see this as being pretty inefficient. A
good quantity of sites are now running split DNS so the querying server
is not even reachable. This means a fair percentage of the time the load
balance attempt will outright fail.
Don't see this replacing BGP anytime soon. ;)
Chris
--
**************************************
cbrenton@sover.net
* Multiprotocol Network Design & Troubleshooting
http://www.amazon.com/exec/obidos/ASIN/0782120822/geekspeaknet
* Mastering Network Security
http://www.amazon.com/exec/obidos/ASIN/0782123430/geekspeaknet
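The behaviour Chris describes (an external host connecting back to TCP/53 on the querying resolver shortly after that resolver sent it a query) is easy to tell apart from a generic port 53 scan if you correlate the two directions in a firewall log. The script below is an added example for this thread, not code from the post, from NANOG or from the 3DNS product; it assumes a netfilter-style log line layout (`IN=`, `OUT=`, `SRC=`, `DST=`, `PROTO=`, `SPT=`, `DPT=`, optional `SYN`), a local recursive resolver at 192.0.2.53, a 120-second correlation window, and the sample log lines are constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed sample firewall log (netfilter-style fields; not from the thread).
# 192.0.2.53 is the assumed local recursive resolver; the other addresses are
# documentation ranges. Line 1: our resolver queries 198.51.100.7 over UDP.
# Lines 2-3: that host connects back to our resolver on TCP/53 (the pattern
# described in the post). Line 4: our resolver's own TCP/53 retry to another
# server, which is normal. Line 5: a TCP/53 SYN from a host we never queried.
# Line 6: 198.51.100.7 again, but long after the query (outside the window).
SAMPLE_LOG = """\
2000-03-12T13:32:40 IN= OUT=eth0 SRC=192.0.2.53 DST=198.51.100.7 PROTO=UDP SPT=34567 DPT=53
2000-03-12T13:32:41 IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.53 PROTO=TCP SPT=40211 DPT=53 SYN
2000-03-12T13:32:42 IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.53 PROTO=TCP SPT=40212 DPT=53 SYN
2000-03-12T13:32:50 IN= OUT=eth0 SRC=192.0.2.53 DST=203.0.113.9 PROTO=TCP SPT=45001 DPT=53 SYN
2000-03-12T13:33:05 IN=eth0 OUT= SRC=203.0.113.77 DST=192.0.2.53 PROTO=TCP SPT=51000 DPT=53 SYN
2000-03-12T13:40:00 IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.53 PROTO=TCP SPT=40300 DPT=53 SYN
"""

RESOLVERS = {"192.0.2.53"}  # assumed local resolver address(es)

LINE_RE = re.compile(
    r"^(?P<ts>\S+) IN=(?P<in>\S*) OUT=(?P<out>\S*) SRC=(?P<src>\S+) DST=(?P<dst>\S+) "
    r"PROTO=(?P<proto>\S+) SPT=(?P<spt>\d+) DPT=(?P<dpt>\d+)(?P<flags>.*)$"
)


def parse_line(raw):
    """Parse one log line into a dict, or return None if it does not match."""
    m = LINE_RE.match(raw.strip())
    if not m:
        return None
    return {
        "ts": datetime.fromisoformat(m.group("ts")),
        "src": m.group("src"),
        "dst": m.group("dst"),
        "proto": m.group("proto").upper(),
        "dpt": int(m.group("dpt")),
        "syn": "SYN" in m.group("flags").split(),
    }


def classify_inbound_dns_tcp(log_text, resolvers=RESOLVERS, window=timedelta(seconds=120)):
    """Return inbound TCP/53 connection attempts against our resolvers, each
    tagged 'callback' (the source was queried by our resolver within `window`
    beforehand) or 'unsolicited' (no recent query to that source)."""
    last_query = {}  # external host -> time of our resolver's last outbound port-53 packet to it
    findings = []
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None or rec["dpt"] != 53:
            continue
        if rec["src"] in resolvers and rec["dst"] not in resolvers:
            # Outbound query (UDP) or our own TCP retry: both legitimate, never flagged.
            last_query[rec["dst"]] = rec["ts"]
            continue
        if rec["dst"] in resolvers and rec["proto"] == "TCP" and rec["syn"]:
            queried = last_query.get(rec["src"])
            if queried is not None and timedelta(0) <= rec["ts"] - queried <= window:
                kind = "callback"
            else:
                kind = "unsolicited"
            findings.append({"ts": rec["ts"], "src": rec["src"], "kind": kind})
    return findings


def summarize(findings):
    """Count findings per (source, kind) so repeated callbacks stand out."""
    counts = {}
    for f in findings:
        key = (f["src"], f["kind"])
        counts[key] = counts.get(key, 0) + 1
    return counts


if __name__ == "__main__":
    for f in classify_inbound_dns_tcp(SAMPLE_LOG):
        print(f["ts"].isoformat(), f["src"], f["kind"])
    print(summarize(classify_inbound_dns_tcp(SAMPLE_LOG)))
```

Only inbound SYNs to the resolver are flagged; the resolver's own outbound TCP/53 connections are expected (truncated UDP answers are retried over TCP) and are deliberately used as correlation input rather than alerts. A firewall log shows only that the connection was attempted, not whether a zone transfer was actually answered; whether the resolver served an xfer has to come from the DNS server's own logs or its transfer ACL.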